Trojan Hippo: Weaponizing Agent Memory for Data Exfiltration

ArXi:2605.01970v2 Announce Type: cross Memory systems enable otherwise-stateless LLM agents to persist user information across sessions, but also While anecdotal nstrations of such attacks have appeared against deployed systems, no prior work systematically evaluates them across heterogeneous memory architectures and defenses.